Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AEF153A8F50E11EF898F5D61762E951A.roa
File: AEF153A8F50E11EF898F5D61762E951A.roa (raw, json)
Hash identifier: kvoEZsiCssd+q+Sma5gN7GRN7AtqHZoaaIwf21fbiOw=
Subject key identifier: 9F:BA:C2:66:F9:0A:3D:08:97:57:26:D9:BD:C5:23:3F:83:5E:E6:A2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016885
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AEF153A8F50E11EF898F5D61762E951A.roa
Signing time: Thu 27 Feb 2025 13:28:09 +0000
ROA not before: Thu 27 Feb 2025 13:28:05 +0000
ROA not after: Wed 26 Mar 2025 13:28:05 +0000
asID: 62240
IP address blocks: 154.196.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92293 (0x16885)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 13:28:05 2025 GMT
Not After : Mar 26 13:28:05 2025 GMT
Subject: CN=67c06868-2c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3f:ae:af:73:a7:1e:c3:1a:4a:92:eb:e8:a5:
ef:c6:d0:66:86:48:8d:e7:a3:08:dc:5a:c3:43:ae:
bb:9b:43:b2:ed:46:57:79:d1:68:5b:93:ed:d9:08:
86:ee:82:47:f7:02:8c:9e:c7:b1:e2:5a:2b:14:40:
35:d1:aa:82:58:32:33:bd:69:e4:9c:bd:81:35:5b:
a2:7f:0c:46:5d:f5:9c:2b:42:d6:1a:d2:e5:04:f5:
c6:7a:d1:2f:1c:11:5f:c2:44:d4:e6:ff:97:7d:72:
3b:47:74:44:f6:a9:77:2b:4f:cf:ce:b0:88:cc:3f:
22:ef:da:4b:c7:a5:09:d3:15:fe:10:fe:18:79:7f:
bb:45:46:0a:42:a3:96:86:c2:da:35:b7:c6:0a:94:
94:5a:a8:bd:2a:1e:0f:16:74:40:f7:e3:6a:c6:11:
01:3f:4f:8c:a3:3a:c8:74:a3:d7:ed:c4:07:1c:5d:
74:e4:20:2b:7a:2d:cf:cc:27:99:b5:b8:42:fe:14:
7a:d2:a7:41:3a:b5:fd:2c:5e:24:1c:9e:24:bc:78:
6e:a2:d1:ce:74:2c:52:11:da:6a:60:7a:d9:de:2c:
b0:41:7b:31:d4:c0:da:72:20:e2:8b:77:06:c3:b8:
92:53:8f:93:be:b4:a7:0e:34:3c:c3:23:f3:d5:a2:
06:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:BA:C2:66:F9:0A:3D:08:97:57:26:D9:BD:C5:23:3F:83:5E:E6:A2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AEF153A8F50E11EF898F5D61762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.19.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:ea:7c:91:3d:5c:29:6c:50:95:e0:d5:cd:18:f4:3a:6a:fc:
11:76:6e:7e:d6:35:f6:94:3b:99:3e:94:d5:44:df:2f:5d:80:
7e:f6:cd:d0:c9:7c:d6:63:85:f0:e4:75:d7:ac:6e:62:2c:77:
71:f9:bf:f8:9f:67:e5:a2:17:e6:dd:65:55:e8:6e:0c:13:04:
1f:a7:d1:ff:82:10:2c:de:f3:dc:26:ea:94:24:c1:45:9d:43:
aa:d0:71:23:d3:35:08:10:24:09:a4:90:52:07:d5:dd:3f:ee:
d5:0a:90:01:14:64:a9:7e:e0:e0:92:23:9c:31:a1:2b:fe:22:
af:5a:1b:62:06:72:4a:d5:ba:a1:c4:6f:1d:db:68:b8:e7:bf:
49:8a:9f:e5:e1:ca:4e:18:55:fd:61:1c:66:4d:cf:68:41:6c:
e5:e1:91:d3:2b:65:95:39:9f:8c:a1:e5:ee:c0:6d:f5:f1:88:
0a:cb:d4:41:e1:5b:0a:79:8c:d8:01:08:e7:9a:aa:13:8c:d1:
89:97:c7:49:08:0c:6c:48:f7:73:58:87:15:de:c1:e1:2e:48:
2b:5c:f1:dc:f6:be:d7:2a:e9:9d:9c:86:3e:56:13:1a:53:8d:
fd:eb:5d:04:15:f7:f1:05:7f:a7:5c:82:f3:f5:39:0c:0b:67:
c5:19:77:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWiFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTMyODA1WhcNMjUwMzI2MTMyODA1WjAYMRYw
FAYDVQQDEw02N2MwNjg2OC0yYzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0j+ur3OnHsMaSpLr6KXvxtBmhkiN56MI3FrDQ667m0Oy7UZXedFoW5Pt
2QiG7oJH9wKMnsex4lorFEA10aqCWDIzvWnknL2BNVuifwxGXfWcK0LWGtLlBPXG
etEvHBFfwkTU5v+XfXI7R3RE9ql3K0/PzrCIzD8i79pLx6UJ0xX+EP4YeX+7RUYK
QqOWhsLaNbfGCpSUWqi9Kh4PFnRA9+NqxhEBP0+MozrIdKPX7cQHHF105CArei3P
zCeZtbhC/hR60qdBOrX9LF4kHJ4kvHhuotHOdCxSEdpqYHrZ3iywQXsx1MDaciDi
i3cGw7iSU4+TvrSnDjQ8wyPz1aIGfQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ+6
wmb5Cj0Il1cm2b3FIz+DXuaiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRUYxNTNBOEY1MEUxMUVGODk4RjVENjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQTMA0GCSqGSIb3DQEB
CwUAA4IBAQCy6nyRPVwpbFCV4NXNGPQ6avwRdm5+1jX2lDuZPpTVRN8vXYB+9s3Q
yXzWY4Xw5HXXrG5iLHdx+b/4n2flohfm3WVV6G4MEwQfp9H/ghAs3vPcJuqUJMFF
nUOq0HEj0zUIECQJpJBSB9XdP+7VCpABFGSpfuDgkiOcMaEr/iKvWhtiBnJK1bqh
xG8d22i4579Jip/l4cpOGFX9YRxmTc9oQWzl4ZHTK2WVOZ+MoeXuwG318YgKy9RB
4VsKeYzYAQjnmqoTjNGJl8dJCAxsSPdzWIcV3sHhLkgrXPHc9r7XKumdnIY+VhMa
U439610EFffxBX+nXILz9TkMC2fFGXdz
-----END CERTIFICATE-----
Generated at Fri May 9 11:24:17 2025 by rpki-client